{"url":"http://public2.vulnerablecode.io/api/packages/930644?format=json","purl":"pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie","type":"deb","namespace":"debian","name":"mediawiki","version":"1:1.19.2-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:1.19.3-1","latest_non_vulnerable_version":"1:1.43.8+dfsg-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92385?format=json","vulnerability_id":"VCID-e9pq-ynp8-nygx","summary":"MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not properly protect user block metadata, which allows remote administrators to read a user block reason via a reblock attempt.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4382","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52292","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.5221","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52133","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52177","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52205","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.5217","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52223","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52219","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.5227","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52254","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52239","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52278","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52281","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52264","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52212","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.5222","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52129","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.5218","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52224","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52186","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4382"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4382","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4382"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html"},{"reference_url":"https://phabricator.wikimedia.org/T41823","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T41823"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/10","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4382","reference_id":"CVE-2012-4382","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:N/A:N"},{"value":"4.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4382"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930644?format=json","purl":"pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2012-4382"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9pq-ynp8-nygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92382?format=json","vulnerability_id":"VCID-fm5x-32wy-57e3","summary":"MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options HTTP header, which allows remote attackers to conduct clickjacking attacks via an embedded API response in an IFRAME element.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4379","reference_id":"","reference_type":"","scores":[{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62651","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62595","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62405","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62463","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62494","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62461","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62513","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62529","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62548","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62537","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62514","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62555","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62561","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62543","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62553","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62569","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62566","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62516","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62564","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62617","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.6257","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4379"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=853426","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=853426"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4379","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4379"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html"},{"reference_url":"https://phabricator.wikimedia.org/T41180","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T41180"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/10","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4379","reference_id":"CVE-2012-4379","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4379"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930644?format=json","purl":"pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2012-4379"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fm5x-32wy-57e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92381?format=json","vulnerability_id":"VCID-fsk6-nkuk-wqa3","summary":"Multiple cross-site scripting (XSS) vulnerabilities in MediaWiki before 1.18.5 and 1.19.x before 1.19.2, when unspecified JavaScript gadgets are used, allow remote attackers to inject arbitrary web script or HTML via the userlang parameter to w/index.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4378","reference_id":"","reference_type":"","scores":[{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66463","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66403","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66198","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66239","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66265","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66235","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66283","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66296","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66316","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66303","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66272","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66306","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66323","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66308","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66332","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66346","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66367","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.6641","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66382","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4378"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=853417","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=853417"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4378"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html"},{"reference_url":"https://phabricator.wikimedia.org/T39587","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T39587"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/10","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4378","reference_id":"CVE-2012-4378","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4378"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930644?format=json","purl":"pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2012-4378"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fsk6-nkuk-wqa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92380?format=json","vulnerability_id":"VCID-m5a4-k87e-skaq","summary":"Cross-site scripting (XSS) vulnerability in MediaWiki before 1.18.5 and 1.19.x before 1.19.2 allows remote attackers to inject arbitrary web script or HTML via a File: link to a nonexistent image.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4377","reference_id":"","reference_type":"","scores":[{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77146","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77097","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.76895","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.76902","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.76932","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.76915","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.76947","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.76958","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.76986","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.76965","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.7696","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77001","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77004","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.76996","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77031","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77038","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77052","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77042","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77072","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.77092","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00998","scoring_system":"epss","scoring_elements":"0.7708","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4377"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=853409","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=853409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4377"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html"},{"reference_url":"https://phabricator.wikimedia.org/T41700","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T41700"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/10","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4377","reference_id":"CVE-2012-4377","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4377"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930644?format=json","purl":"pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2012-4377"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5a4-k87e-skaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92384?format=json","vulnerability_id":"VCID-pqtu-ce8a-q7bk","summary":"MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4381","reference_id":"","reference_type":"","scores":[{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86748","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86758","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86778","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86795","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86804","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86817","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86813","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86809","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86824","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86829","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86828","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86844","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.8685","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86851","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86874","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86893","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86911","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86907","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.8692","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03103","scoring_system":"epss","scoring_elements":"0.86949","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4381"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930644?format=json","purl":"pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2012-4381"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pqtu-ce8a-q7bk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92383?format=json","vulnerability_id":"VCID-rjz9-twh9-wkaa","summary":"MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass GlobalBlocking extension IP address blocking and create an account via unspecified vectors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4380","reference_id":"","reference_type":"","scores":[{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68207","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68151","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.67949","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.67971","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.6799","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.67969","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.6802","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68034","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68058","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68044","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.6801","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68047","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.6806","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68043","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68086","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68094","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.681","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68074","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68116","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68157","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00552","scoring_system":"epss","scoring_elements":"0.68125","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4380"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=686330"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=853440","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=853440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4380"},{"reference_url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.wikimedia.org/pipermail/mediawiki-announce/2012-August/000119.html"},{"reference_url":"https://phabricator.wikimedia.org/T41824","reference_id":"","reference_type":"","scores":[],"url":"https://phabricator.wikimedia.org/T41824"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/10","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/10"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/31/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/31/6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mediawiki:mediawiki:1.19.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4380","reference_id":"CVE-2012-4380","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4380"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/930644?format=json","purl":"pkg:deb/debian/mediawiki@1:1.19.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930615?format=json","purl":"pkg:deb/debian/mediawiki@1:1.35.13-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.35.13-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930613?format=json","purl":"pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7831-8u7z-6fep"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.39.17-1~deb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930618?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-1~deb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-buwp-69zb-93hs"},{"vulnerability":"VCID-cbtm-g4t5-u3am"},{"vulnerability":"VCID-d5vz-puw9-t7er"},{"vulnerability":"VCID-kw32-af5a-hqg8"},{"vulnerability":"VCID-q7k6-59z5-d7a7"},{"vulnerability":"VCID-wktm-ya6k-v7dv"},{"vulnerability":"VCID-x8t7-agtn-zudu"},{"vulnerability":"VCID-xdct-ca96-3uat"},{"vulnerability":"VCID-zmax-894d-5kfd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-1~deb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930616?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.6%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.6%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930617?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-kw32-af5a-hqg8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1059637?format=json","purl":"pkg:deb/debian/mediawiki@1:1.43.8%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.43.8%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2012-4380"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjz9-twh9-wkaa"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mediawiki@1:1.19.2-1%3Fdistro=trixie"}